Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

276,391 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix... Unknown Unreviewed
CVE-2025-40108 was published Nov 9, 2025
In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure set_ent... Unknown Unreviewed
CVE-2025-40109 was published Nov 9, 2025
A vulnerability has been found in aaPanel BaoTa up to 11.1.0. This vulnerability affects unknown... Moderate Unreviewed
CVE-2025-12914 was published Nov 9, 2025
A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown... High Unreviewed
CVE-2025-12915 was published Nov 9, 2025
A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3... Moderate Unreviewed
CVE-2025-12916 was published Nov 9, 2025
A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of... Moderate Unreviewed
CVE-2025-12913 was published Nov 8, 2025
The Saphali LiqPay for donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-12643 was published Nov 8, 2025
The Alex Reservations: Smart Restaurant Booking plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2025-12399 was published Nov 8, 2025
The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-12837 was published Nov 8, 2025
The Mail Mint plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2025-11967 was published Nov 8, 2025
The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2025-11980 was published Nov 8, 2025
The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed
CVE-2025-12092 was published Nov 8, 2025
The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-11448 was published Nov 8, 2025
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is... High Unreviewed
CVE-2025-12099 was published Nov 8, 2025
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is... Moderate Unreviewed
CVE-2025-12098 was published Nov 8, 2025
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12498 was published Nov 8, 2025
The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12621 was published Nov 8, 2025
The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed
CVE-2025-7663 was published Nov 8, 2025
The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-9334 was published Nov 8, 2025
The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions... Moderate Unreviewed
CVE-2025-11748 was published Nov 8, 2025
The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed
CVE-2025-12042 was published Nov 8, 2025
The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed
CVE-2025-12000 was published Nov 8, 2025
The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2025-12064 was published Nov 8, 2025
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is... Moderate Unreviewed
CVE-2025-11972 was published Nov 8, 2025
The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded... Moderate Unreviewed
CVE-2025-12177 was published Nov 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database